Security in virtualized computing environments

ABSTRACT

A computer implemented method to identify one or more parameters of a configuration of a target virtual machine (VM) in a virtualized computing environment used in a security attack against the target VM, the security attack exhibiting a particular attack characteristic, is disclosed.

RELATED APPLICATION

The present application claims priority to EP Application No. 16184384.2filed Aug. 16, 2016, and GB Application No. 1614016.2, filed Aug. 16,2016 each of which is hereby incorporated herein in its entirety byreference.

TECHNICAL FIELD

The present disclosure relates to the detection of computer securitythreats.

BACKGROUND

Computer systems such as virtual machines (VMs) executing in virtualizedcomputing environments (VCEs) such as cloud computing environments maylook like any physical, networked or standalone computer system such asa personal computing device and are therefore equally susceptible to anykind of cyber-attack if not properly protected. For example, a VM maybecome infected by malware communicated via network communication orwhen a user opens an infected email attachment or connects to maliciouswebsites. Once a VM is infected it may become part of a group ofcollectively controlled systems such as a “botnet” for use by anadversary or hacker to coordinate further cyber-attacks on other systemscommunicatively connected to compromised systems, such as via theInternet.

Thus there is a need to protect such virtualized computer systems fromsuch attacks.

SUMMARY

The present disclosure accordingly provides, in a first aspect, acomputer implemented method to identify one or more parameters of aconfiguration of a target virtual machine (VM) in a virtualizedcomputing environment used in a security attack against the target VM,the security attack exhibiting a particular attack characteristic, themethod comprising: training a machine learning algorithm as a classifierbased on a plurality of training data items, each training data itemcorresponding to a training VM and including a representation ofparameters for a configuration of the training VM and a representationof characteristics of security attacks for the training VM; generating afirst data structure for storing one or more relationships between VMconfiguration parameters and attack characteristics, wherein the firstdata structure is generated by sampling the trained machine learningalgorithm to identify the relationships; receiving a second datastructure storing a directed graph representation of one or moresequences of VM configuration parameters for achieving the particularattack characteristic of the security attack, the VM parameters in thedirected graph being determined based on the first data structure; anddetermining a subset of sequences in the directed graph corresponding toVM parameters of the target VM to identify VM parameters of the targetVM used in the security attack.

In embodiments, each of the attack characteristics has associated aprotective measure, the method further comprising, in response to theidentification of an attack characteristic to which the target VM issusceptible, implementing the protective measure so as to protect the VMfrom attacks having the attack characteristic.

In embodiments, the machine learning algorithm is a restricted Boltzmannmachine.

In embodiments, the characteristics of security attacks include anindication of the consequence of a security attack executing in thetraining VM.

In embodiments, each training data item comprises a vector of binaryvalues indicating each indicating a presence or absence of aconfiguration feature and an attack characteristic of a correspondingtraining VM.

In embodiments, the data structure is a matrix data structure formapping VM configuration parameters against attack characteristics.

In embodiments, the restricted Boltzmann machine includes a plurality ofhidden units and a plurality of visible units, and sampling the trainedmachine learning algorithm includes generating sample inputs for thehidden units to determine values of the visible units.

In embodiments, each generated sample input is a vector of binary valueswherein each binary value is determined using a randomization algorithm.

In embodiments, each protective measure is a configuration parameter ora change to a configuration parameter for a VM to protect against anattack characteristic.

The present disclosure accordingly provides, in a second aspect, acomputer system including a processor and memory storing computerprogram code for performing the method set out above.

The present In embodiments, accordingly provides, in a third aspect, acomputer program element comprising computer program code to, whenloaded into a computer system and executed thereon, cause the computerto perform the method set out above.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the present disclosure will now be described, by way ofexample only, with reference to the accompanying drawings, in which:

FIG. 1 is a block diagram illustrating computer systems executing invirtualized computing environments under control of a botnet controller;

FIG. 2 is a block diagram of a virtualized computing environment inaccordance with embodiments of the present disclosure.

FIG. 3 is a block diagram of a computer system suitable for theoperation of embodiments of the present disclosure.

FIG. 4 illustrates an arrangement of an attack analysis and assessmentcomponent in accordance with embodiments of the present disclosure.

FIG. 5 is a block diagram of the attack analysis and assessmentcomponent of FIG. 4 in accordance with embodiments of the presentdisclosure.

FIG. 6 illustrates a matrix mapping VM configuration features againstattack features in an exemplary embodiment of the present disclosure.

FIG. 7 illustrates a further arrangement of the attack analysis andassessment component of FIG. 4 in accordance with embodiments of thepresent disclosure.

FIG. 8 illustrates a restricted Boltzmann machine for use in exemplaryembodiments of the present disclosure.

FIG. 9 illustrates the determination of an aggregate set of VMconfiguration features {X} and an aggregate set of attack features {A}in an exemplary embodiment of the present disclosure.

FIG. 10 illustrates exemplary input vectors for a restricted Boltzmannmachine based on the features of FIG. 9.

FIG. 11 illustrates states of hidden and visible units of a restrictedBoltzmann machine as part of a sampling process in an exemplaryembodiment of the present disclosure.

FIG. 12 is a component diagram illustrating an arrangement including asusceptibility determiner component for determining whether a target VMis susceptible to a security attack based on a pre-existing VMconfiguration for the target VM in accordance with some embodiments ofthe present disclosure.

FIG. 13 is a component diagram illustrating an arrangement including aconfiguration generator for determining a configuration of a target VMto protect against a security attack exhibiting a particular attackcharacteristic in accordance with some embodiments of the presentdisclosure.

FIG. 14 is a component diagram illustrating an arrangement including aconfiguration updater for determining a configuration of a VM to protectagainst a security attack exhibiting a particular attack characteristicand updating a pre-existing VM configuration for a target VM to protectagainst attacks having the attack characteristic based on the determinedconfiguration in accordance with some embodiments of the presentdisclosure.

FIG. 15 is a flowchart of a method to generate a classification schemefor configuration parameters of VMs in accordance with some embodimentsof the present disclosure.

FIG. 16 is a flowchart of a method to determine whether a target VM issusceptible to a security attack in accordance with some embodiments ofthe present disclosure.

FIG. 17 is a flowchart of a method to determine a configuration of atarget VM to protect against a security attack exhibiting a particularattack characteristic in accordance with some embodiments of the presentdisclosure.

FIG. 18 is a component diagram of an arrangement for attack mitigationin accordance with embodiments of the present disclosure.

FIG. 19 illustrates an exemplary entry in a feature classification datastructure for a malware attack characteristic in accordance with anexemplary embodiment of the present disclosure.

FIG. 20 illustrates a data structure storing a directed graphrepresentation of sequences of VM configuration parameters for themalware attack of FIG. 19 in accordance with an exemplary embodiment ofthe present disclosure.

FIG. 21 illustrates states of an exemplary configuration of a VM inaccordance with the VM configuration parameters of FIG. 19 and inaccordance with an exemplary embodiment of the present disclosure.

FIG. 22 illustrates a subset of sequences in the directed graph of FIG.20 corresponding to VM parameters of the VM of FIG. 21 in accordancewith an exemplary embodiment of the present disclosure.

FIG. 23 is a flowchart of a method to identify configuration parametersof a target VM used in a security attack against the target VM inaccordance with embodiments of the present disclosure.

FIG. 24 illustrates exemplary security facilities that can be employedto mitigate the malware attack of FIG. 19 in accordance with anexemplary embodiment of the present disclosure.

FIG. 25 is a flowchart of a method to mitigate a security attack againsta target virtual machine in accordance with embodiments of the presentdisclosure.

FIG. 26 illustrates exemplary VM configuration parameter changes thatcan be employed to mitigate the malware attack of FIG. 19 in accordancewith an exemplary embodiment of the present disclosure.

FIG. 27 is a flowchart of a method to mitigate a security attack againsta target virtual machine in accordance with embodiments of the presentdisclosure.

FIG. 28 illustrates a data structure storing a directed graphrepresentation of sequences of VM configuration parameters for an attackcharacteristic in accordance with an exemplary embodiment of the presentdisclosure.

FIG. 29 is a flowchart of a method to mitigate a security attack againsta target virtual machine in accordance with embodiments of the presentdisclosure.

FIG. 30 is a flowchart of a method to mitigate a security attack againsta target virtual machine in accordance with embodiments of the presentdisclosure.

DETAILED DESCRIPTION

One example of an attack employing compromised VMs is coordinated by a“botnet controller”—known as “Command and Control” (C&C)—which maycontrol a number of infected machines (any of which may be physical,virtual, cloud-hosted or standalone machines) to launch different kindsof attack. FIG. 1 is a block diagram illustrating computer systems 106executing in VCEs 102 a to 102 d under control of a botnet controller100. FIG. 1 shows an example scenario where the botnet controller 100controls a number of VMs 106 (shown hatched) hosted in potentiallydifferent VCEs 102 a to 102 d to launch one or more attacks on a targetcomputer system 108. Such an attack can include a distributed denial ofservice (DDoS) attack on the target 108. Notably the networkcommunication between infected VMs and the controller 100 may not employa direct connection and may be routed via other machines including otherinfected machines.

In order to protect a VM from becoming compromised by a malicious attackand potentially infected and/or recruited into a botnet a user (orsystem administrator) needs to apply appropriate security measures suchas, inter alia, installing up-to-date anti-malware software, configuringfirewalls to block suspicious network communication, and/or apply latestsecurity patches for an operating system etc. Additionally, a user mustbe vigilant when opening emails from unknown sources or accessing data,files or software communicated via a network such as the internet. Whilesuch measures can provide protection in general, it may not besufficient to protect against more sophisticated attacks or zero-dayattacks that are relatively unknown. There is also a lack of securityknowledge among many users which can lead to non-optimal configurationof security software (e.g. firewall) or unsafe access to materials via anetwork (e.g. unsafe browsing, not being aware of unsecure networkconnections such as non-HTTPS connections, etc.). In particular, forcloud-hosted machines cloud providers frequently employ VM or systemtemplates to assist users in deploying new VMs. Leaving a VMconfiguration at least partly in a default, template or original statecan pose a security risk since a potential adversary may have knowledgeof such a default configuration and may be able to exploit anyvulnerability in a deployed VM to compromise it.

Embodiments of the present disclosure seek to address the securityissues of virtualized computing environments such as cloud computingenvironments by obtaining configuration and/or security related featuresfrom VMs, combining them with detected attack characteristics and/or anabsence of attack information and applying a machine learning approachto determine whether or not a particular VM may be susceptible toattack.

FIG. 2 is a block diagram of a virtualized computing environment 102 inaccordance with embodiments of the present disclosure and shows anexample implementation of an embodiment of the present disclosure. Thearrangement of FIG. 2 includes one of potentially many VCEs 102 eachhosting one or more infected VMs 106 among a population of VMs 104 a to104 c. The virtualized computing environment 102 is a system forexecuting one or more virtualized computer systems in a local,distributed or hybrid manner. Such virtualization can be achieved usingvirtualization facilities such as one or more hypervisors or the like.Such virtualization provides a separation between a computer systemimplementation and physical hardware with which computer systemsexecute. Such computer systems are typically VMs such as VMs 104 a to104 c and VM 106. Distributed or remotely hosted virtualizedenvironments can provide computer systems as VMs for use, access orconsumption by consuming entities. An example of such an arrangement isa cloud hosted VCE.

Infected VMs 106 are controlled by a botnet controller 100 such as tolaunch an attack campaign. Infected VMs 106 can be part of multiple ordifferent botnets, i.e. controlled by different botnet controllers. VCEs102 may physically be located in different geographical areas, may bemanaged by a single or more service providers. In each VCE 102 a serviceprovider manages configuration information 110 and security information112. Configuration information 110 is information relating to aconfiguration of one or more VMs executing in the VCE 102. Theconfiguration information may be specific to a VM or apply to multipleVMs and includes an identification and/or definition or resources and/orconfigurations deployed for a VM. For example, via the configurationinformation 110 configuration parameters of each VM can be identifiedincluding, inter alia: Operating system identification; Networktopology; VPN configuration; DNS settings; Email configuration; aSecurity configuration, e.g. Antivirus, Firewall, etc. Thus theconfiguration information 110 is suitable for defining one or more VMcharacteristics 114 for VMs in the VCE 102.

The security information 112 is information relating to one or moresecurity facilities of the VCE 102 and/or individual VMs deployedtherein. In particular, the security information includes informationsufficient to determine characteristics of any attack(s) that haveoccurred in a VM in the VCE such as, inter alia: an indication of theexecution of malware; an indication of unauthorized changes to systemfiles; a connection to a known illicit, malicious or unsecure networksuch as “darknet”; and other such attack characteristics as will beapparent to those skilled in the art and that can be identified andrecorded by security services such as security software. For example,the security information 112 can include information including, interalia, information from VCE-wide security sensors, i.e. IDS (IntrusionDetection System), Firewall, Web-Proxy, etc. The security information112 provides characteristics 116 or features of successful attacks onany VM within the VCE, such as: Attack type, e.g. Virus, Trojan, etc.;Attack method, e.g. SQL injection, XSS, etc.; IP domain; Used ports,protocols or user agents, etc. Thus the security information 112 issuitable for defining one or more attack characteristics 116 for VMs inthe VCE. In some embodiments the security information 112 is specific toeach of one or more VMs 104, 106 and can be obtained, stored, handledand/or managed by such VMs individually.

FIG. 3 is a block diagram of a computer system suitable for theoperation of embodiments of the present disclosure. A central processorunit (CPU) 302 is communicatively connected to a storage 304 and aninput/output (I/O) interface 306 via a data bus 308. The storage 304 canbe any read/write storage device such as a random access memory (RAM) ora non-volatile storage device. An example of a non-volatile storagedevice includes a disk or tape storage device. The I/O interface 306 isan interface to devices for the input or output of data, or for bothinput and output of data. Examples of I/O devices connectable to I/Ointerface 306 include a keyboard, a mouse, a display (such as a monitor)and a network connection.

FIG. 4 illustrates an arrangement of an attack analysis and assessmentcomponent 118 in accordance with embodiments of the present disclosure.The attack analysis and assessment component of FIG. 4 is a hardware,software, firmware or combination component for the analysis of theattack characteristics 116 and the configuration characteristics 114 todetermine if a VM is susceptible to attack. Thus the attack analysis andassessment component 118 is operable to analyze configurationcharacteristics 114 and attack characteristics 116 and employs a featureextraction mechanism, such as latent factor extraction by machinelearning, to determine associations between configurationcharacteristics 114 and attack characteristics 116. Further, in someembodiments the attack analysis and assessment component 118 is operableto determine one or more attack characteristics for attacks to which aparticular VM configuration is vulnerable based on the identified latentfactors. Further, in some embodiments, the attack analysis andassessment component 118 is operable to determine one or morerecommendations for VM configuration to mitigate attacks having one ormore attack characteristics.

As illustrated in FIG. 4 both configuration characteristics 114 andattack characteristics 116 are received or accessed by the attackanalysis and assessment component 118 as input. The attack analysis andassessment component 118 produces a set of one or more associationsbetween these characteristics following a learning phase. The inputs maycome from multiple VCEs such as VCEs managed by a single cloud provider.Subsequently the associations determined by the attack analysis andassessment component 118 can be employed to determine whether or not aVM with particular configuration is susceptible to an attack havingcertain attack characteristics. Yet further the associations can beemployed to one or more VM configurations suitable for mitigating aparticular type of attack.

FIG. 5 is a block diagram of the attack analysis and assessmentcomponent 118 of FIG. 4 in accordance with embodiments of the presentdisclosure. The attack analysis and assessment component 118 includes alatent factor extractor 130 and a data structure manager 140, each ofwhich is a software, hardware, firmware or combination component.

The latent factor extractor 130 is a component for identifying latentfactors in a set of binary vectors such as a machine learning algorithm.For example, the latent factor extractor 130 can employ a restrictedBoltzmann machine as described below. Latent factors (or latentvariables) are features that are not directly observed in the binaryvectors but that can be inferred such as through a mathematical modelfrom the binary vectors. In particular, latent factors can be used toidentify associations between the elements in binary vectors by, forexample, categorizing binary vectors.

The data structure manager 140 is a component for generating a datastructure as a feature classification 142 that classifies latent factorsto identify and recognize associations between aspects of the latentfactors as will be explained in detail below.

The attack analysis and assessment component 118 receives or accessesconfiguration characteristics 114 and attack characteristics 116 foreach of a plurality of VMs to generate each of a configuration featureset {X} 124 and an attack feature set {A} 126 respectively.Configuration feature set {X} consists of elements each corresponding toa configuration feature of a VM. Similarly, attack feature set {A}consists of elements each corresponding to a feature of a successfulattack against the VM. For each VM the configuration features {X} andattack features {A} are combined together as input to the latent factorextractor 130. The combine sets {{X}, {A}} for each of multiple VMs areused as training data for the latent factor extractor 130. Following alltraining based on input sets {X} and {A} for multiple VMs the latentfactor extractor 130 generates, as an output, a reduced set of features{Y} representing learned underlying latent factors. Notably, thefeatures set {Y} is not necessarily a subset of features in all of thefeature sets {X}.

The feature sets {X}, {A} and {Y} are subsequently used by the datastructure generator 140 to generate a data structure classifyingconfiguration features, i.e. subsets of {X}, that are indicated aspermitting particular classes of attack (i.e. types of attack or attackscenarios). The mappings between the relevant configuration parametersand attack characteristics can be represented in an association datastructure such as the matrix 142 depicted in FIG. 6.

FIG. 6 illustrates a matrix 142 mapping VM configuration features 152against attack features 150 in an exemplary embodiment of the presentinvention. As can be seen from the exemplary data structure of FIG. 6,the attack feature “Changes in System files” occurred on VMs that, forexample, have “Admin Allowed to read files”, “Registry change allowed”and “SSH Allowed”. Thus the set of reduced features {Y} permits theidentification of associations between configuration features 152 andattack features 150. Notably the attack features are not specificattacks but rather classes or types of attack (e.g. an attack thatinvolves executing malware is a class of attack, not a specific malwareattack).

Thus from the data structure 142 it is possible to determine aconfiguration of a VM that may be susceptible to particular classes ofattack. Equally, it is possible to determine configurations of VM thatare indicated to be less susceptible to particular classes of attack.Accordingly, on the basis of the reduced set of features determined bylearning of the latent factor extractor 130 an indication ofsusceptibility of a VM configuration can be evaluated, and further aconfiguration or modifications to a configuration of a VM can bedetermined. Thus in some embodiments a component implemented ashardware, software, firmware or a combination component such asmonitoring agents instantiated with, within or in association with oneor more VMs and in communication with an attack analysis and assessmentcomponent 118 according to FIG. 5 and/or a feature classification 142such as the data structure of FIG. 6 is operable to one or more of:determine or have determined whether a VM is susceptible to a class ofattack based on its configuration; modify a VM configuration to mitigateor reduce susceptibility to one or more classes of attack; and/orgenerate a VM configuration for mitigating or reducing susceptibility toone or more classes of attack.

FIG. 7 illustrates a further arrangement of the attack analysis andassessment component 118 of FIG. 4 in accordance with embodiments of thepresent disclosure. Given a particular uninfected VM with a set ofconfiguration parameters, denoted as features set {X′}, theclassification process will make use of the outcome from an earliertraining phase (i.e. trained algorithms defining a reduced set offeatures {Y}) in conjunction with a set of detected attack features {A}in order to assess whether or not there will be an attack at the VM. Inthe following an exemplary implementation of an attack analysis andassessment component 118 using Restricted Boltzmann Machine as itsmachine learning algorithm is described.

FIG. 8 illustrates a restricted Boltzmann machine for use in exemplaryembodiments of the present invention. A restricted Boltzmann Machine(RBM) is a stochastic neural network, i.e. a network of neurons whereeach neuron has some random behavior when activated. It consists of onelayer of visible units 152, one layer of hidden units 154 and a biasunit 156. Each visible unit is connected to all the hidden units (thisconnection is undirected, so each hidden unit is also connected to allthe visible units), and the bias unit 156 is connected to all thevisible units and all the hidden units. The bias unit 156 is used toallow other units to learn an appropriate threshold. No visible unit isconnected to any other visible unit and no hidden unit is connected toany other hidden unit. After successful learning, an RBM provides aclosed-form representation of the distribution underlying the trainingdata.

In embodiments of the present invention the latent feature extractor 130includes an RBM as a classifier where the RBM is trained to model ajoint probability distribution of inputs (features set {X} of VMconfiguration features based on VM characteristics 114) andcorresponding labels (features set {A} of attack features based onattack characteristics 116), both represented by the visible units ofthe RBM. The hidden units represent a reduced set of features {Y} that,after training, can constitute a set of latent factors. The RBM works byupdating states of some units given the states of others. A unit canhave a binary state: state 0 (false—not activated); or state 1(true—activated). Hence the VM configuration features and attackfeatures are preferably represented as a binary vector.

For example, a set of features {X} for VM configuration features caninclude binary indications of the following features:

-   -   DNS allowed    -   Email allowed    -   Admin allowed to read file    -   OS is Window 7.0    -   HTTP allowed

For example, a set of detected attack features {A} for a VM can includebinary indications of the following features:

-   -   Malware running    -   Connection to malicious sites detected    -   Automatic redirection    -   Change in system files

Prior to training the RBM a set of management features {X} and attackfeature {A} for an entire training data set need to be determined. It isnecessary to determine the aggregate set of VM configuration featuresand attack features for the plurality of VMs in the training data set inorder to determine a size of a required binary vector and, accordingly,a number of visible units for the RBM. For example, training data canconsist of configuration features for a plurality of VMs with confirmedattack features. This means that there will be different sets of VMconfiguration parameters and attack characteristics for different VMs.Some of the configuration parameters are shared among the VMs and someare not. The same also applies to the attack features. Therefore, when acomplete set of features {X} is passed to an RBM's visible units for asingle VM, some visible units will activate (indicating features thatare present in the set {X}, such as by binary ‘1’ indication) and somewill not (features that are absent in the set {X}, such as by binary ‘0’indication).

FIG. 9 illustrates the determination of an aggregate set of VMconfiguration features {X} and an aggregate set of attack features {A}in an exemplary embodiment of the present disclosure. While only two VMsare indicated in FIG. 9 it will be appreciated by those skilled in theart that more training data will lead to an RBM having a bettercapability to identify classifications for input data. Thus, in FIG. 9,a first VM VM1 has a set of configuration features that differs fromthat of a second VM VM2, and further VM1 exhibits different attackfeatures to VM2. The aggregate set of all possible configurationfeatures is indicated as set {X} and includes seven possible features,so set {X} includes binary vectors having seven elements each thus:[0,0,0,0,0,0,0]. Further, the aggregate set of all possible attackfeatures is indicated as set {A} and includes four possible features, soset {A} includes binary vectors having four elements thus: [0,0,0,0].The number of visible units in the RBM is the sum of the number offeatures {X} and the number of features {A} and binary feature vectorsfor training the RBM will each be constituted as eleven element vectorscomprising {{X},{A}} thus: [0,0,0,0,0,0,0,0,0,0,0]. A number of hiddenunits can be determined during an RBM training phase to achieve anacceptable level of accuracy—a greater number of hidden units offering awider diversity of classifications but fewer discrete classes (i.e. alarger set {Y}) while a smaller number of hidden units focusesclassification on fewer classes but can lose subtle latent factors (i.e.a smaller set {Y}). The selection of an appropriate number of hiddenunits is thus a matter of tuning to achieve a desirable classification.

FIG. 10 illustrates exemplary input vectors 160 a and 160 b for an RBMbased on the features of FIG. 9. FIG. 10 shows how the features of VM1and VM2 can be prepared for input as visible units to train the RBM,each vector 160 a and 160 b constituting an item of training data andthe collective of all vectors constituting the training data set.

Additionally, in some embodiments the configuration features of VMswhich are confirmed to not have suffered any attack or infection canoptionally be provided as further training data by mapping into an inputbinary vector for visible units with the corresponding attack featurevector being set to all zeros or false (to indicate no attack). Such anapproach provides non-attacked VM configurations to the RBM to supportthe RBM in learning how to classify potentially safely-configured VMs.

Thus the RBM is trained with example features from infected andnon-infected VMs input as inputs to the visible units. The objective ofthe training process is for the RBM to learn connection weights betweenthe units, i.e. visible, hidden and bias. The training can be performedusing an algorithm known as “Contrastive Divergence Learning” such as isdescribed in Geoffrey Hinton's paper “A Practical Guide to TrainingRestricted Boltzmann Machines” (Aug. 2, 2010; University of TorontoDepartment of Computer Science). In summary contrastive divergenceinvolves performing a number of iterations to compute states of hiddenunits based on states of visible units and vice versa, where the statesof visible units are reconstructed from the hidden units. A number ofiterations increases with learning steps to achieve improved accuracy. Anumber of hidden units is estimated at the start of the learning phaseand may be adapted to achieve better accuracy.

The trained RBM constitutes a model for the joint probabilitydistribution of all inputs consisting of features sets {X} and {A}. Themodel is mainly represented by the computed weights of the connectionsbetween visible (v) and hidden (h) units/neurons. The distributionfunction p(v,h) is determined by the activation energy function E(v,h)defined by the model. p(v,h) is close to 1 for large positive activationenergies, and p(v,h) close to 0 for negative activation energies. Unitsthat are positively connected to each other try to get each other toshare the same state (i.e., be both on or off), while units that arenegatively connected to each other are enemies that prefer to be indifferent states. This behavior can also be used to determine asusceptibility to attack in embodiments of the present disclosure.

Following training of the RBM the data structure manager 140subsequently generates the feature classification data structure 142such as a matrix, table or the like such as the matrix illustrated inFIG. 6. A classification process is employed using the features sets{X}, {A} and the reduced set {Y} (or hidden units) of the trained RBM.The feature classification data structure 142 can be generated throughsampling of visible units in the RBM based on hidden having randomlydefined activation states. Thus FIG. 11 illustrates states of hidden andvisible units of a restricted Boltzmann machine as part of a samplingprocess in an exemplary embodiment of the present disclosure. Theprocess can be summarized as:

1.A random sequence 174 for states of the hidden units is generated.

2. The hidden units are input to the trained RBM hidden units.

3. The RBM generates a number of samples of visible units.

4. The sampled visible units are extracted to configuration features set{X″} and attack features set {A′}.

5.The new features sets {X″} and {A′} are then mapped to an m×n matrix(m and n are the lengths of features sets {X′} and {A′}, respectively).Preferably, only sampled visible units with one or more non-zero valuesof attack features set {A′} are considered for inclusion in the matrix.

6. The whole sampling process is repeated multiple times with new randomsequences 174 at step 1 to build a comprehensive hotspot matrix.

The resulting data structure (matrix) can subsequently be employed for:reconstructing possible attack scenarios for compromising a VM;determining a susceptibility of a VM configuration to an attackscenario; and determining a VM configuration for mitigating or reducinga susceptibility to an attack scenario.

FIG. 12 is a component diagram illustrating an arrangement including asusceptibility determiner 184 component for determining whether a targetVM is susceptible to a security attack based on a pre-existing VMconfiguration 180 for the target VM in accordance with some embodimentsof the present disclosure. The susceptibility determiner 184 is ahardware, software, firmware or combination component for determiningsusceptibility of the target VM to attack. The susceptibility determineraccesses a feature classification 142 generated according to thetechniques hereinbefore described. For example, the featureclassification 142 can comprise a matrix, table or other data structuresuch as the matrix of FIG. 6. The susceptibility determiner 184 furtheraccesses the pre-existing VM configuration 180 for the target VM todetermine if the target VM is susceptible to a security attack. Theattack can be a particular attack being associated with one or moreattack characteristics on which bases the feature classification 142 isdefined. Alternatively, the attack can be identified directly in termsof one more attack features in the classification 142. Thesusceptibility determiner 184 thus uses the VM configuration for thetarget VM to identify attack characteristics identified in the featureclassification 142 to which the target VM is susceptible. In this wayattack characteristic susceptibility of the target VM can be determinedand remediation or protective measures can be employed.

For example, each attack characteristic can have associated one or moreprotective measures such as, inter alia: a configuration parameter orchange to a configuration parameter for a VM to protect against attacksexhibiting a particular characteristic, such as disabling DNSredirection, restricting access to certain resources such as files ordirectories, closing certain network ports, and the like; and/or anadditional function, routine, facility, service or other resourcesuitable for detecting and/or protecting against attacks exhibiting aparticular characteristic, such as antimalware software, intrusiondetection facilities, proxies and firewalls and the like.

Thus, in this way embodiments of the present disclosure provide for thedetermination of susceptibility of a target VM to security attacks. Thesusceptibility can be quantified such as a degree of susceptibility andremediation or protective measures or deployment determinations for thetarget VM can be based on the determined degree of susceptibility.

FIG. 13 is a component diagram illustrating an arrangement including aconfiguration generator 188 for determining a configuration 186 of atarget VM to protect against a security attack exhibiting a particularattack characteristic in accordance with some embodiments of the presentdisclosure. The configuration generator 188 is a hardware, software,firmware or combination component for generating the VM configuration186. The configuration generator 188 accesses a feature classification142 generated according to the techniques hereinbefore described. Forexample, the feature classification 142 can comprise a matrix, table orother data structure such as the matrix of FIG. 6. Furthermore, theconfiguration generator 188 preferably receives an identification of oneor more attack characteristics to from which the target VM is intendedto be protected. Alternatively, the configuration generator 188 can beconfigured to generate a VM configuration 186 that protects againstsubstantially all, or a majority of, or a subset of attackcharacteristics indicated in the feature classification 132. Whereprotection is provided against a subset the subset may be determinedbased on, for example, a prioritization of attach characteristics or anassessment of attack characteristics relevant to a particular VM basedon one or more software components to be executed by the VM or use casedefinition for the VM. Thus, in use, the configuration generator 188inspects the feature classification 142 to determine configurationparameters for the target VM that are not associated with attackcharacteristics that the VM is to be protected from. In this way a VMconfiguration can be generated that serves to reduce a susceptibility ofthe target VM to attacks having particular attack characteristics.

It will be appreciated by those skilled in the art that protectionagainst attacks exhibiting a particular attack characteristic need notprovide a guarantee of absolute avoidance or removal of attacks withsuch characteristics, rather protection seeks to reduce susceptibility,mitigate and/or avoid such attacks.

FIG. 14 is a component diagram illustrating an arrangement including aconfiguration updater 189 for determining a configuration of a VM toprotect against a security attack exhibiting a particular attackcharacteristic and updating a pre-existing VM configuration 180 for atarget VM to protect against attacks having the attack characteristicbased on the determined configuration in accordance with someembodiments of the present disclosure. The manner of operation of theupdater 189 of FIG. 14 is similar to that of the configuration generator188 of FIG. 13 except that the updater 189 is further adapted to accessthe pre-existing VM configuration 180 and update the configuration 180in view configuration parameters determined to protect against certainattack characteristics based on the feature classification to generatean updated or replacement VM configuration 186 for the target VM.

FIG. 15 is a flowchart of a method to generate a classification schemefor configuration parameters of VMs in accordance with some embodimentsof the present disclosure. Initially, at 190, a machine learningalgorithm is trained as a classifier based on a plurality of trainingdata items, each training data item corresponding to a training VM andincluding a representation of parameters for a configuration of thetraining VM and a representation of characteristics of security attacksfor the training VM. Subsequently, at 192, a data structure is generatedfor storing one or more relationships between VM configurationparameters and attack characteristics. The data structure is generatedby sampling the trained machine learning algorithm to identify therelationships.

FIG. 16 is a flowchart of a method to determine whether a target VM issusceptible to a security attack in accordance with some embodiments ofthe present disclosure. Activities 190 and 192 are substantially asdescribed above with respect to FIG. 15. Subsequently, at 194, a set ofconfiguration parameters for the target VM are determined. At 195 attackcharacteristics in the data structure associated with configurationparameters of the target VM are identified as characteristics of attacksto which the target VM is susceptible.

FIG. 17 is a flowchart of a method to determine a configuration of atarget VM to protect against a security attack exhibiting particularattack characteristics in accordance with some embodiments of thepresent disclosure. Activities 190 and 192 are substantially asdescribed above with respect to FIG. 15. Subsequently, at 196, theparticular attack characteristic in the data structure are identified todetermine a set of VM configuration parameters indicated as associatedwith the particular attack characteristic. At 198 a VM configuration isgenerated for the target VM wherein the configuration parameters in thedetermined set of VM configuration parameters are absent in thegenerated VM configuration.

FIG. 18 is a component diagram of an arrangement for attack mitigationin accordance with embodiments of the present disclosure. An attackmitigation component 204 is provided as a hardware, software, firmwareor combination component for mitigating an attack against a target VMwhere the attack exhibits one or more particular attack characteristics.The attack mitigation component 204 thus accesses a VM configuration 200for the target VM and a directed graph data structure 202. The directedgraph data structure 202 is predefined based on the featureclassification 142 generated by the attack analysis and assessmentcomponent 118. The directed graph includes vertices representing VMconfiguration parameters connected by directed edges to form sequencesof VM configuration parameters involved in achieving a particular attackcharacteristic for an attack. In some embodiments the attack mitigationcomponent 204 generates new or modified VM parameters 206 as describedbelow. An exemplary arrangement in respect of an exemplary malwareattack characteristic will now be described.

FIG. 19 illustrates an exemplary entry in a feature classification datastructure 142 for a malware attack characteristic in accordance with anexemplary embodiment of the present disclosure. The featureclassification entry of FIG. 19 is generated by the attack analysis andassessment component 118 following training of a latent featureextractor 130 based on a plurality of training data items as trainingexamples. As can be seen in FIG. 19 an attack characteristiccorresponding to the execution of malware in a VM is characterized by anumber of VM configuration parameters including: email being permitted;Windows 10 operating system being used; file transfer protocol (FTP)being permitted; hypertext transport protocol (HTTP) being permitted;write access to a file system directory being permitted;administrator-level login being permitted; and superuser privilege beingpermitted.

FIG. 20 illustrates a data structure storing a directed graphrepresentation of sequences of VM configuration parameters for themalware attack of FIG. 19 in accordance with an exemplary embodiment ofthe present disclosure. The graph of FIG. 19 can be generated by asystems analyst, user or VM administrator and reflects latent knowledgeof how the VM configuration parameters identified for the malware attackcharacteristic in FIG. 19 can be arranged in ordered sequence(s) inorder for an attack having such a characteristic to take place. Thus itcan be seen in FIG. 20 that sequences start at the “start” vertex andfollow sequences through the graph to a final vertex in which “malwareexecutes” is indicated. All sequences start at vertex 1 based on the“email allowed” VM configuration parameter. One sequence proceedsthrough vertices 2, 4, 5 and 6 representing VM configuration parameters“DNS redirection permitted”, “FTP allowed”, “directory write accesspermitted” and “admin login permitted”. Alternative sequences throughthe graph also exist, such as the sequence through vertices 1, 3, 5, 7corresponding to: “Email allowed”, “directory write access permitted”,and “super user privileges permitted”. Other sequences also exist suchas, inter alia: 1, 3, 4, 5, 6; 1, 3, 5, 6; and 1, 2, 3, 5, 6. Thus thedirected graph of FIG. 20 represents multiple sequences from the “start”vertex to the “malware executes” vertex with each sequence comprised ofa list of VM configuration parameters for achieving the particularattack characteristic. In some embodiments the directed graph is storedas a data structure for access by an attack mitigation component 204,such as data structures well known to those skilled in the art.

FIG. 21 illustrates states of an exemplary configuration of a VM inaccordance with the VM configuration parameters of FIG. 19 and inaccordance with an exemplary embodiment of the present disclosure.Notably the configuration parameters indicated in FIG. 21 are for onespecific VM implementation (as opposed to an entire featureclassification 142) though, in the exemplary embodiment, the parametersare defined by a vector of binaries in terms of all possible VMparameters of the feature classification 142 of FIG. 19.

Thus the VM associated with the VM configuration of FIG. 21 exhibitsonly a subset of the VM configuration parameters of FIG. 19 (forexample, not exhibiting “FTP allowed”). The directed graph of FIG. 20can be used to determine any subset of sequences corresponding to the VMconfiguration parameters of the VM of FIG. 21. Thus FIG. 22 illustratesa subset of sequences in the directed graph of FIG. 20 corresponding toVM parameters of the VM of FIG. 21 in accordance with an exemplaryembodiment of the present disclosure. The subset of sequences is shownby the emphasized continuous arrows in FIG. 22. It can be seen,therefore, that the VM configuration parameters associated with the VMof FIG. 21 do indeed constitute a subset of the sequences indicated bythe directed graph and accordingly it can be concluded that the VM issusceptible to an attack exhibiting a malware attack characteristic.

FIG. 23 is a flowchart of a method to identify configuration parametersof a target VM used in a security attack against the target VM inaccordance with embodiments of the present disclosure. Initially themethod performs 190 and 192 as previously described to generate thefeature classification data structure 142. Subsequently, at 210, themethod receives a data structure storing a directed graph representationof sequences of VM configuration parameters for achieving an attackcharacteristic of the security attack. The directed graph is determinedbased on the feature classification data structure. At 212 the methoddetermines a subset of sequences in the directed graph corresponding toVM parameters of the target VM to identify VM parameters of the targetVM used in the security attack. Thus, in this way the method identifiesparameters of a configuration of the target VM used in a security attackagainst the target VM.

Once such VM configuration parameters have been identified thenmitigation measures against the security attack can be employed. FIG. 24illustrates exemplary security facilities that can be employed tomitigate the malware attack of FIG. 19 in accordance with an exemplaryembodiment of the present disclosure. Each VM configuration parameter inthe directed graph of FIG. 24 has associated one or more securityfacilities that may be employed to mitigate or protect the VM or toreduce the risk of attack or success of an attack. For example, the“email allowed” parameter can be supplemented by security facilitiesfor: scanning email; scanning for malware in email; removing attachmentsto emails; and/or removing or replacing links in emails. The “DNSredirection permitted” parameter can be supplemented by securityfacilities for detecting DNS redirection. The “HTTP allowed” parametercan be supplemented by security facilities such as: a firewall; a proxy;an HTTP filter; a download detector; and a malware scanner. The “FTPallowed” parameter can be supplemented by security facilities for:detecting downloads; and malware scanning. The “directory write accesspermitted” parameter can be supplemented by security facilities formalware scanning. The “admin login permitted” and “super user privilegespermitted” parameters can be supplemented by security facilities for:enhanced authentication; multi-factor such as 2-factor authentication;logging of authentication attempts; and monitoring of the behavior ofadministrators logged-in.

FIG. 25 is a flowchart of a method to mitigate a security attack againsta target virtual 20 machine in accordance with embodiments of thepresent disclosure. Initially the method performs 190, 192, 210 and 212as previously described. Subsequently, at 214, the target VMconfiguration is supplemented by one or more security facilitiesassociated with one or more of the VM parameters identified for thetarget VM. Thus, considering the VM parameters for the VM of FIG. 21 anyor all of the security facilities associated with the “email allowed”,“DNS redirection permitted”, “HTTP allowed”, “directory write accesspermitted”, and “super user privileges permitted” may be configured tobe applied to the VM to mitigate the malware attack.

As an alternative to mitigating an attack by the inclusion of securityfeatures, modifications to VM configuration parameters themselves may beadopted. FIG. 26 illustrates exemplary VM configuration parameterchanges that can be employed to mitigate the malware attack of FIG. 19in accordance with an exemplary embodiment of the present disclosure.Thus FIG. 26 illustrates how any of the VM configuration parameters ofthe VM of FIG. 21 may be changed to break the sequence through thedirected graph and so mitigate the malware attack. Accordingly, FIG. 27is a flowchart of a method to mitigate a security attack against atarget virtual machine in accordance with embodiments of the presentdisclosure. Initially the method performs 190, 192, 210 and 212 aspreviously described. Subsequently, at 216, the method reconfigures thetarget VM by changing one or more VM parameters identified by directedgraph as being included in the sequence of parameters for the attackcharacteristic.

One challenge remaining with the approach of FIG. 27 is the possibilitythat an attack with the malware attack characteristic can nonetheless bebrought against a VM even when the sequence of parameters for the VM inthe directed graph is broken. For example, mitigation of the attackcharacteristic of FIG. 26 by setting “HTTP allowed =false” could lead tocircumvention of the mitigation measure, such as to employ FTP or analternative communication mechanism.

To illustrate this challenge clearly reference is made to FIG. 28. FIG.28 illustrates a data structure storing a directed graph representationof sequences of VM configuration parameters for an attack characteristicin accordance with an exemplary embodiment of the present disclosure.The directed graph of FIG. 28 is considerably larger and more complexthan that previously considered and it is to be recognized that directedgraphs modeling sequences of VM parameters for real deployed VMs can belarge and complex with many sequences leading from a “start” vertex toan “attack” vertex corresponding to an attack characteristic. Notablythe graph of FIG. 28 shows many alternative sequences to achieve theattack characteristic, such as the initial selection between vertices12, 3 and 6, and even then further selections such as from vertex 12 toany of vertices 22, 21 and 15. Thus it can be seen that there are manyroutes through the graph of FIG. 28. However, there are notablycommonalities in the graph of FIG. 28 also. In particular, all sequencesultimately pass through one of vertices 11 or 1 and all sequencesultimately pass through vertex 4. Other commonalities can be found also,such as all sequences pass through one of vertex 22, 7 or 1, and othersthat can be identified. Thus it is possible to rationalize a particularsequence or sequences through the directed graph to common vertices andaddress mitigation measures to the VM parameters associated with thosevertices. Such rationalization will involve the selection of a subset ofvertices through which all sequences pass. This selection can be drivenby an objective, such as a predetermined criteria. For example, thepredetermined criteria can require that the selection of vertices formitigation is based on a minimum number of vertices to cover allsequences through the graph. Alternatively other criteria may be used,such as a proportion coverage of sequences or a guaranteed coverage ofspecific sequences.

In some cases mitigation of a particular VM parameter may not bepossible or may be undesirable. For example, a security facility may notbe available for a particular VM parameter and/or it may not be possibleto reconfigure a VM parameter due to constraints on the VM. For example,a VM operating as a web server must communicate via HTTP networkingports and it may therefore not be possible to close those ports on sucha server. Accordingly, it can be desirable to select mitigation measuresand vertices in the graph as a basis for mitigation based on someranking, prioritization or preference mechanism such that moreappropriate/preferred VM parameters are modified in favor of lessappropriate/preferred parameters.

In one embodiment some or all vertices (and the VM parameters theyrepresent) in the directed graph are each associated with apredetermined weight or score. In such an embodiment the predeterminedcriteria for selecting vertices for mitigation are defined based on suchweights or scores. For example, individual vertices can be selected thatmeet a predetermined threshold weight or score. Alternatively, acollection of vertices can be selected that collectively meet apredetermined weight or score (i.e. a total of all weights or scoresmeets a predetermined condition). Such a condition can be, for example,a maximum or minimum weight or score. Such an approach is helpful whereit is desirable to indicate an importance, relevance, appropriateness orpreference of VM parameters such that, for example, a weight or scorecan indicate an importance of a VM parameter where parameters that aremore important have more impact on an overall weight.

Thus FIG. 29 is a flowchart of a method to mitigate a security attackagainst a target virtual machine in accordance with embodiments of thepresent disclosure. Initially the method performs 190, 192, 210 and 212as previously described. Subsequently, at 220 the directed graph isanalyzed to select at least one vertex through which all sequences forthe attack characteristic pass. This analysis can be achieved by variousalgorithms as will be apparent to those skilled in the art for directedgraph analysis such as a method in which all possible sequences throughthe graph are identified to determine individual vertices common to allsequences or a set of vertices whereby each sequence through the graphincludes at least one element from the set. Subsequently, at 222, themethod reconfigures the target VM based on the selected vertices tomitigate attacks exhibiting the attack characteristic.

All the above methods are effective for identifying and/or mitigatingattacks exhibiting an attack characteristic. However, a challengeremains where an attack characteristic continues to be observed in a VMdespite mitigation; for example, where all sequences through thedirected graph are blocked and yet an attack persists. Such attackcharacteristics can arise as a result of the attack adapting to employother services and/or facilities of a VM not currently modeled in thedirected graph. Such a situation can be addressed by causing theretraining of the RBM to provide for the regeneration of the featureclassification data structure. In particular, the retraining of the RBMmust be undertaken with at least some training examples (data items)corresponding to the attack having the attack characteristic that existsdespite the mitigation measures. Accordingly, the retraining willgenerate a new feature classification data structure 142 on which basesa new directed graph can be generated. Such new directed graph can thenbe employed to model the VM parameters employed by the attackcharacteristic to implement mitigation measures as hereinbeforedescribed.

Thus FIG. 30 is a flowchart of a method to mitigate a security attackagainst a target virtual machine in accordance with embodiments of thepresent disclosure. Initially the method performs 190, 192 and 210 aspreviously described. Subsequently, at 230, the method identifies VMparameters of a target VM used in the security attack, such as by way ofthe techniques described above. At 232 the method determines if thesecurity parameters form a continuous sequence in the directed graphfrom a start vertex to an attack vertex. Where there is such acontinuous sequence then a mitigation can be implemented at 236 inaccordance with the techniques described hereinbefore. However, wherethere is no such sequence then the method proceeds to 234 in which newtraining data items are generated for one or more training VMs includingVMs subject to the attack for which a sequence was not identified.Subsequently the method causes retraining of the RBM by returning to 190and the method repeats until a sequence through a regenerated directedgraph is identified on which basis mitigation can be applied.

Insofar as embodiments of the disclosure described are implementable, atleast in part, using a software-controlled programmable processingdevice, such as a microprocessor, digital signal processor or otherprocessing device, data processing apparatus or system, it will beappreciated that a computer program for configuring a programmabledevice, apparatus or system to implement the foregoing described methodsis envisaged as an aspect of the present disclosure. The computerprogram may be embodied as source code or undergo compilation forimplementation on a processing device, apparatus or system or may beembodied as object code, for example.

Suitably, the computer program is stored on a carrier medium in machineor device readable form, for example in solid-state memory, magneticmemory such as disk or tape, optically or magneto-optically readablememory such as compact disk or digital versatile disk etc., and theprocessing device utilizes the program or a part thereof to configure itfor operation. The computer program may be supplied from a remote sourceembodied in a communications medium such as an electronic signal, radiofrequency carrier wave or optical carrier wave. Such carrier media arealso envisaged as aspects of the present disclosure.

It will be understood by those skilled in the art that, although thepresent invention has been described in relation to the above describedexample embodiments, the invention is not limited thereto and that thereare many possible variations and modifications which fall within thescope of the invention.

The scope of the present invention includes any novel features orcombination of features disclosed herein. The applicant hereby givesnotice that new claims may be formulated to such features or combinationof features during prosecution of this application or of any suchfurther applications derived therefrom. In particular, with reference tothe appended claims, features from dependent claims may be combined withthose of the independent claims and features from respective independentclaims may be combined in any appropriate manner and not merely in thespecific combinations enumerated in the claims.

The invention claimed is:
 1. A computer implemented method to identifyone or more parameters of a configuration of a target virtual machine(VM) in a virtualized computing environment used in a security attackagainst the target VM, the security attack exhibiting a particularattack characteristic, the method comprising: training a machinelearning algorithm as a classifier based on a plurality of training dataitems, each training data item corresponding to a training VM andincluding a representation of parameters for a configuration of thetraining VM and a representation of characteristics of security attacksfor the training VM; generating a first data structure for storing oneor more relationships between VM configuration parameters and attackcharacteristics, wherein the first data structure is generated bysampling the trained machine learning algorithm to identify the one ormore relationships; receiving a second data structure storing a directedgraph representation of one or more sequences of VM configurationparameters for achieving the particular attack characteristic of thesecurity attack, the VM configuration parameters in the directed graphbeing determined based on the first data structure; and determining asubset of sequences in the directed graph corresponding to VMconfiguration parameters of the target VM to identify VM configurationparameters of the target VM used in the security attack.
 2. The methodof claim 1, wherein each of the attack characteristics has associated aprotective measure, the method further comprising, in response to theidentification of an attack characteristic to which the target VM issusceptible, implementing the protective measure so as to protect the VMfrom attacks having the attack characteristic.
 3. The method of claim 2wherein each protective measure is a configuration parameter or a changeto a configuration parameter for a VM to protect against an attackcharacteristic.
 4. The method of claim 1, wherein the machine learningalgorithm is a restricted Boltzmann machine.
 5. The method of claim 4wherein the restricted Boltzmann machine includes a plurality of hiddenunits and a plurality of visible units, and sampling the trained machinelearning algorithm includes generating sample inputs for the hiddenunits to determine values of the visible units.
 6. The method of claim 5wherein each generated sample input is a vector of binary values whereineach binary value is determined using a randomization algorithm.
 7. Themethod of claim 1, wherein the characteristics of security attacksinclude an indication of the consequence of a security attack executingin the training VM.
 8. The method of claim 1, wherein each training dataitem comprises a vector of binary values indicating each indicating apresence or absence of a configuration feature and an attackcharacteristic of a corresponding training VM.
 9. The method of claim 1,wherein the data structure is a matrix data structure for mapping VMconfiguration parameters against attack characteristics.
 10. Anon-transitory computer-readable storage medium storing a computerprogram element comprising computer program code to, when loaded into acomputer system and executed thereon, cause the computer to perform themethod as claimed in claim
 1. 11. A computer system comprising: aprocessor and memory storing computer program code to identify one ormore parameters of a configuration of a target virtual machine (VM) in avirtualized computing environment used in a security attack against thetarget VM, the security attack exhibiting a particular attackcharacteristic by: training a machine learning algorithm as a classifierbased on a plurality of training data items, each training data itemcorresponding to a training VM and including a representation ofparameters for a configuration of the training VM and a representationof characteristics of security attacks for the training VM; generating afirst data structure for storing one or more relationships between VMconfiguration parameters and attack characteristics, wherein the firstdata structure is generated by sampling the trained machine learningalgorithm to identify the one or more relationships; receiving a seconddata structure storing a directed graph representation of one or moresequences of VM configuration parameters for achieving the particularattack characteristic of the security attack, the VM configurationparameters in the directed graph being determined based on the firstdata structure; and determining a subset of sequences in the directedgraph corresponding to VM configuration parameters of the target VM toidentify VM configuration parameters of the target VM used in thesecurity attack.